Network system having a network appliance

ABSTRACT

Systems, components, and methods for use in a commercial kitchen intelligence system. A network appliance and a plurality of kitchen components are coupled to a data communication network. The network appliance establishes a VPN connection with a portal remote to the commercial kitchen. The network appliance establishes communication with a point-of-sale (POS) system for receipt of POS data. The network appliance facilitates communication among the kitchen components on the data communications network independent of different protocols by which the kitchen components are configured to communicate.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of International Application No.PCT/US2016/029760, filed Apr. 28, 2016, which claims priority to U.S.Provisional Patent Application No. 62/154,104, filed Apr. 28, 2015, U.S.Provisional Patent Application No. 62/203,716, filed Aug. 11, 2015, andU.S. Provisional Patent Application No. 62/294,741, filed Feb. 12, 2016,all of which are hereby incorporated by reference in their entireties.

FIELD

The present disclosure generally relates to a computerized network, andmore particularly to a network system having a network appliance.

BACKGROUND

Food preparation establishments such as restaurants, including quickservice or fast food restaurants, have kitchens including severalkitchen components. The kitchen components may be configured forcommunicating with other components by various protocols. It may bechallenging to establish communication among components configured forcommunicating by different protocols. In addition, existing networks, ifany, in these types of establishments are generally not particularlygood and present integration challenges. Moreover, establishing remotecommunication with a network of kitchen components through a restaurantfirewall can be challenging.

SUMMARY

A kitchen intelligence system embodying aspects of the invention permitsintegrating various kitchen components. To do so, the kitchenintelligence system establishes communication among componentsconfigured for communicating by different protocols.

One aspect of the present invention is directed to a commercial kitchenintelligence system. The system includes a plurality of kitchencomponents coupled to a data communication network. At least two of thekitchen components are configured to communicate according to differentprotocols. The system also includes a network appliance coupled to thedata communication network. The network appliance includes a networkappliance processor executing instructions for brokering communicationsamong the kitchen components on the data communications network.

Another aspect of the present invention is directed to a networkappliance for use in a commercial kitchen. The network applianceincludes a network switch having a plurality of ports. At least two ofthe ports have kitchen components connected thereto via a datacommunication network. The kitchen components are configured tocommunicate according to different protocols. The network applianceincludes an application server coupled to the switch for communicatingwith the kitchen components via the data communication network. Theapplication server executes processor-executable instructions forbrokering communications among the kitchen components. A virtualmessaging bus is established to which the kitchen components areconnected.

Another aspect of the present invention is directed to a commercialkitchen intelligence system for use with a remote portal. The systemincludes at least one kitchen component coupled to a data communicationnetwork. The system also includes a network appliance coupled to thedata communication network. The network appliance includes a networkappliance processor executing instructions for establishing a virtualprivate network connection with the remote portal over the Internet forpermitting bi-directional communication between the network applianceand the remote portal.

Yet another aspect of the present invention is directed to a networkappliance for a commercial kitchen network including a POS system andconfigured for communication with a remote portal over the Internet. Thenetwork appliance has an application server including a networkappliance processor and a non-transitory computer-readable storagemedium. The network appliance includes a first network port forconnecting the network appliance to the POS system. The networkappliance includes a second network port for connecting the networkappliance to the Internet. The network appliance includes a networkappliance housing supporting the application server and first and secondnetwork ports.

Other objects and features of the present invention will be in partapparent and in part pointed out herein.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram of a network system embodying aspects of the presentinvention;

FIG. 2 is diagram of a network appliance of the network system of FIG.1;

FIG. 3 is another diagram of the network appliance;

FIG. 4 is an exemplary representation of a dialog of communicationbetween the network appliance and a portal for establishment of areverse VPN connection, and between the network appliance and a point ofsale system;

FIG. 5 is an exemplary diagram of agents connected to a data bus of thenetwork system, including a line representing communication between anagent on behalf of a food product management system and an agent onbehalf of a food product holding unit;

FIG. 6 is an exemplary representation of a dialog of communicationbetween the product management system and the product holding unit viathe respective agents and the data bus of FIG. 4;

FIG. 7 is a diagram of a second embodiment of a network system embodyingaspects of the present invention;

FIG. 8 is a diagram of a network appliance of the network system of FIG.7; and

FIG. 9 is a diagram of a third embodiment of a network appliance.

Corresponding reference characters indicate corresponding partsthroughout the drawings.

DETAILED DESCRIPTION

Referring to the drawings, FIG. 1 illustrates one embodiment of anetwork system embodying aspects of the present invention, designatedgenerally by the reference number 10. In the illustrated example, thesystem 10 is configured as a food preparation establishment networksystem for use in a food preparation establishment, such as a restaurantor other commercial kitchen, including a quick service or “fast food”restaurant. The system 10 can be used for “smart kitchen” purposes suchas forecasting or predicting food that will be ordered in the future,preparing food, monitoring food preparation and food inventory,providing indications and instructions regarding food preparation andfood inventory, labor scheduling management, asset tracking, smartappliance communication, sensor network integration, global inventorycontrol, and facilitating communications between devices in the networkfor these and other purposes. As will become apparent, the networkfacilitates communication between various components of the networkacross a variety of communication protocols.

Referring still to FIG. 1, the system 10 in the illustrated embodimentincludes a point-of-sale (POS) network 10A and a kitchen network 10B.The POS network 10A includes a plurality of POS terminals 20 forentering customer orders, a POS switch 22, a POS server 24, and a POSfirewall 26. The kitchen network 10B includes components, such as foodpreparation apparatus 32 and control apparatus 34. The food preparationapparatus 32 may include various food cooking devices 36. An oven isshown in FIG. 1 as an example of one such cooking device, and it will beunderstood that other cooking devices, such as fryers, microwaves, doughconditioning cabinets, and grills can be used without departing from thescope of the present invention. The food preparation apparatus 32 mayalso include food holding apparatus 38 such as one or more food holdingunits adapted for holding food at a suitable temperature (e.g., cooltemperature, ambient temperature, and/or warm temperature) such as asteam table, an infrared holding unit, a heat sink holding unit, orother holding unit, etc. The control apparatus 34 may include variousdevices such as local computers 40 and remote or offsite computers 42,any of which could take the form of various types of computers,including a tablet or hand-held computing device (e.g., smarttelephone), desktop computer, or laptop computer, etc. The localcomputers 40 can be free-standing or mounted on or near food productpreparation apparatus.

In the illustrated embodiment, local computers 40 include a plurality ofuser interfaces in the form of timer panels 40A, 40B for indicating foodheld in product holding units and associated hold times and a manager'spanel 40C for displaying similar information and optionally additionalinformation. The remote computers 42 may take the form of variouscomputers, such as a tablet or other hand-held computing device (e.g.,smart telephone), desktop computer, or laptop computer, etc. The remotecomputers 42 can provide access to information similar to the manager'spanel 40C. As described in further detail below, the control apparatus34 also includes a network appliance 50 facilitating communicationbetween various components of the network system and serving variousother purposes. For example, a food processing management systemincludes software executed by one or more of the control apparatus 34,such as the network appliance 50, as described further below.

In another aspect, the control apparatus 34, such as the networkappliance 50, stores and executes software providing, for example, asuite of “smart kitchen” applications including food inventory andprocessing management, labor scheduling management, asset tracking,smart appliance communication, sensor network integration, globalinventory control, and the like. One or more of the control apparatus 34may be used instead of or in conjunction with the network appliance 50for carrying out these operations. For example, the local computers 40(e.g., timer panels 40A, 40B) may be in wired or wireless communicationwith the network appliance 50 and be positioned at various locations inthe kitchen, such as adjacent food preparation apparatus 32 for whichinformation displayed on the local computers pertains. In oneembodiment, a timer panel 40A, 40B could be used for monitoring holdtimes of food in a food product holding unit 38 and be positionedadjacent or on the food product holding unit.

It will be appreciated that adapting an existing food preparationestablishment such as a restaurant to have the food preparationestablishment network system 10 can present many challenges. Forexample, many food preparation establishments, even if similar innature, can have unique kitchen components, POS systems, and networkcharacteristics. Food preparation establishments use various POSvendors, and even within the same vendor, POS systems often have customconfigurations per store. Food preparation apparatus 32 pre-existing ina store have various communication capabilities (e.g., variouscommunication protocols.) It will be appreciated that these and otheraspects of food preparation establishments can present challenges toforming the kitchen network 10B, enabling communication between thevariety of components of the kitchen network, providing bi-directionalcommunication between the components of the kitchen network over theInternet (e.g., via an ISP gateway 56) with remote control apparatus(e.g., the remote computers 42), and providing communication between thekitchen network and the POS network 10A for supplying POS data to thecontrol apparatus 34. These aspects of the system 10 are useful forfully enabling the control apparatus 34 to execute the smart kitchenapplications and other purposes outlined above. As will become apparent,the network appliance 50 includes a variety of features that facilitateovercoming the above-mentioned challenges in establishing the system 10.The network appliance 50 makes establishment of such systems 10 at arelatively large commercial scale a reality, because installations aremore efficient and less time consuming, as will become apparent.

The network appliance 50 represents the central nervous system of thenetwork system 10. The network appliance 50 is configured forfacilitating communication between the various other components of thenetwork system, notwithstanding the variety of communication protocolsthat may be used. The network appliance 50 is a hardware and softwaresolution designed to bring value to the food preparation establishmentor restaurant to permit communication integration of existing and futurefood preparation apparatus 32 and control apparatus 34. Referring toFIGS. 2 and 3, the network appliance 50 in the illustrated embodimentincludes an application server 60, a network router 62, a network switch64, and at least one communication protocol gateway 66A-66E. The networkappliance 50 can take various physical forms. For example, the networkappliance 50 may include a housing (e.g., represented schematically inFIG. 2) for housing the various components, and network connectors orports may be mounted on the housing to be accessible from the exteriorfor making connections with the various components.

The application server 60 provides the computing engine that drives thecenter of the kitchen. Disparate workloads ranging from low leveloperating system tasks, high level business applications, statisticalforecast engines, relational databases, network integration andcoordination software, and system health and monitoring can all beexecuted with great speed and high levels of throughput. The applicationserver 60 may have the following features and characteristics:

Dual core CPU clock speeds of 1-2 Ghz

4 GB of system RAM

32 GB of SSD Hard drive

Hypervisor installed on the bare metal hardware

Guest Operating Systems running in Hardware Assisted virtualized mode

Using a hypervisor provides the application server 60 with the advantageof doing “brain transplants” by downloading new appliances for majorreleases. The application server 60 is configured to leapfrog pastdevice upgrade models, such as over the air firmware upgrades, that riskdevice failure due to inconsistent or broken data exchange (brickeddevices). This strategy allows for higher confidence in releasing with afar lower chance of catastrophic failure.

The network router 62 provides a high level of network integration. Thenetwork router 62 brings its own network, and provides high security forbridging to networks, such as the POS network 10A, that containsensitive PCI (Payment Card Industry) compliant data. For example, therouter 62 can be a network switch (e.g., layer 3 network switch) thathas routing capability and may be referred to herein as a router and/ora switch. The far side of the network integration, often times foundlacking from a security standpoint, is segmented properly using thenetwork appliance's advanced routing technology and physical portconfigurations. Having sufficient flexibility of physical networkinterfaces is a challenge of the low cost network routing space. Therouter 62 includes, for example, five WAN interface ports 62A, an AccessPoint Power over Ethernet port 62B, a PCI port 62C, and a LAN Power overEthernet port 62D. Four of the five WAN ports 62A provide Power overEthernet support in addition to the 10/100 Mbps data throughputmeasurements. The router 62 has the ability to physically segment anon-PCI compliant network (e.g., perhaps the POS network 10A) from a PCIcompliant network (e.g., the kitchen network 10A). The router providesthe ability to provide a physical LAN segment between the POS network10A and the kitchen network 10B. The router provides the ability to be aVPN client to a master VPN server cluster.

As explained in further detail below, in an embodiment, the router 62enables secure Reverse VPN connection, allowing for secure encryptedtraffic originating from a control center portal in the cloud to enterthe network appliance 50 and provide support/diagnostics, and updateswith a secure connection to the cloud.

The router 62 has the ability to provide Access Point power and data viaa single Category 5e cable via the AP PoE port 62B. The network router62 is a substantial architectural component. In an effort to not pollutethe existing network infrastructure with a large and growing number ofnetwork endpoints, the network router 62 abstracts the complexity of theInternet of Things from the existing premise network, while stilloffering the needed real time integration. Thus, the network appliance50 provides a high level of routing technology.

The network switch 64 is, for example, an Ethernet switch for routinginternal components in addition to external devices. The network switch64 provides capacity for future network devices.

A variety of communication protocol gateways are contemplated. As shownin FIG. 2, a ZigBee gateway 66A, Bluetooth gateway 66B, Wi-Fi gateway66C, RFID gateway 66D, and network interface gateway 66E can be used,and it will be understood that various other types of communicationprotocol gateways (e.g., NFC) can be used without departing from thescope of the present invention. The network appliance 50 has thecapability to bridge multiple communication protocols and normalize tothe de-facto standards of the internet age (Ethernet, TCP/IP, UDP).

The ZigBee gateway 66A, sitting atop the 802.15.4 wireless protocol andproviding a wireless personal area network, provides a gateway to theInternet of Things including a variety of devices. The ZigBee gateway66A provides an ability to bridge the 802.15.4 protocol specificationusing the globally approved 2.4 Ghz unlicensed spectrum for ZigBee. Inone example, the ZigBee gateway 66A may provide communication abilitywith ZigBee enabled components such as appliances or sensor systems(e.g., HVAC systems, HACCP food temperature measurement systems, alarmsystems, etc.).

The Wi-Fi gateway or access point 66C provides wireless connection toWi-Fi enabled components, such as various food preparation apparatus 32and/or control apparatus 34. The Wi-Fi access point 66C can be anenterprise grade outdoor IP rated (waterproof) 5 Ghz Wi-Fi access pointproviding a robust 5 Ghz smart channel spectrum. The network appliance50 interoperates with the Wi-Fi access point 66C to provide high speedwireless access needed for the application systems run by theapplication server 60. The 5 Ghz unlicensed band allows for a much morerobust wireless environment able to engage with the harsh kitchenenvironment of food preparation apparatus 32 such as microwaves,stainless steel, existing wireless communication systems, and publicWi-Fi for customers. For example, the Wi-Fi access point 66C may have anIP65 rated weatherproof enclosure and have operating temperaturethresholds ranging from −30 C to +70 C to allow for harsh kitchentemperatures and provide an ability to extend the range and flexibilityof wireless devices in a harsh commercial kitchen environment. The Wi-Fiaccess point 66C may use 23 non-overlapping channels for cleaner datareception and signal interference and “smart” channel selection to tuneto the least congested segment of the spectrum. The Wi-Fi access point66C allows for more thorough cleaning, flexibility of layout and design,and custom arrangement of devices. Wireless communications will beuseful in kitchens of the future to help avoid infrastructure andmaintenance costs for wiring/rewiring.

The network interface gateway 66E allows the network appliance 50 tobridge the past to the future. For example, older food preparationapparatus 32 and control apparatus 34 can be bridged for communicationwith new food preparation apparatus and control apparatus having newercommunication protocols and other technology. Legacy control networkssuch as used on older food product preparation apparatus and controlapparatus use various network architectures and standards (e.g.,single-wire protocol). The network appliance 50 bridges older devices tonewer devices through the hardware interconnects and the softwaresystems. Using the network interface gateway 66E, the network appliance50 can connect to legacy control networks (e.g., BACnet, RS-485 controlnetworks, RS-232 devices) to bridge to established protocols, providingthe ability to use legacy systems elongating their usable lifetimes, andproviding longer ROI paths to existing CapEX purchases. The networkinterface 66E may include a single board computer with various wirelineprotocol interconnects, such as, Serial Peripheral Interface (SPI), I2C(I2C), Control Area Network (CAN), RS-485, RS-232, and have several(e.g., sixty or more) general purpose input/output pins.

Broadly speaking, the gateways 66A-66E described above can be said toprovide network connections between the network appliance 50 and othercomponents of the network system 10. Still other network connections canbe provided by hardwired network connections. For example, as shown inFIG. 2, all of the ports of the router 62, including the WAN ports 62A(e.g., for connecting to the Internet, etc.), AP Power over Ethernetport 62B (e.g., for connecting to the Wi-Fi gateway 66C), PCI port 62C(e.g., for connecting to the POS network), and LAN Power over Ethernetport 62D, may be considered network connections of the network appliance50. The network appliance 50 also includes several LAN ports 70 via thenetwork switch 64 providing network connections for wired connection tovarious components, such as food preparation apparatus 32 and controlapparatus 34.

As an example, assume an existing food preparation establishment decidesit would like to have capabilities provided by one or more of the “smartkitchen” applications and features outlined above. Perhaps the foodpreparation establishment desires to have the suite of applicationsincluding, for example, food inventory and processing management, laborscheduling management, asset tracking, smart appliance communication,sensor network integration, global inventory control, and the like. Toestablish the system 10 to enable the operation of such programs, thenetwork appliance 50 and the local computers 40A, 40B, 40C will beinstalled. Prior to installation of the local computers 40A, 40B, 40C,the network appliance 50 will be installed. Prior to installation of thenetwork appliance 50, the food preparation establishment is asked toconfirm or establish various software, hardware, and/or networkcomponents are properly configured for the appliance installation. Forexample, the food preparation establishment may be asked to provide thefollowing:

-   -   Internet access with port forwarding    -   Reservation of appropriate router IP address for network        appliance    -   Reservation of sibling IP address to POS server (as applicable)    -   Outbound access configurations    -   Inbound access configurations

An initial step of installing the network appliance 50 is connecting theappliance to the Internet (e.g., via an ISP gateway, modem, or switchdesignated for the appliance) and connecting the appliance to the POSnetwork 10A. The WAN port 62A and the PCI port 62C, respectively, andcorresponding Ethernet cables are used for these purposes. Installationcan be relatively simple in plugging the network appliance 50 into apower outlet and following an installation wizard. The applicationserver 60 of the network appliance 50 stores instructions forestablishing a connection with the remote portal (e.g., hosted by aremote computer 42) over the Internet, and for establishingcommunication with the POS network 10A. The network appliance 50 isprogrammed to work toward full connectivity with the remote computer 42and POS network 10A, maintain that connectivity after established, andre-establish such connectivity if a break subsequently occurs.

In one embodiment, the application server 60 of the network appliance 50has instructions for establishing and maintaining a reverse virtualprivate network (“VPN”) connection for communication with a portalhosted by a remote computer 42. An example sequence of communication forestablishment of such a reverse VPN connection is illustrated in FIG. 4.In a first phase, the network appliance 50 seeks outbound connectivityover the Internet with the portal 42. In response to such a signal fromthe network appliance 50, the portal 42 responds with an acknowledgementsignal and custom data payload (e.g., VPN credentials). After validationof the first phase, in a second phase, the network appliance 50, fromthe trusted location inside the food preparation establishment, executesstored software to signal the portal 42 to establish a VPN session. Theportal 42 responds with a connection signal. The network appliance 50transmits a second connect signal to the portal 42, and in turn, theportal sends an inbound signal, thus establishing bi-directionalcommunication via the VPN session. Progression in the steps ofestablishing the VPN connection is monitored by the network appliance 50and portal 42, and can be communicated to food preparation establishmentpersonnel and network appliance manufacturer for updating them on statusof installation and notification of installation errors, etc. Theestablished VPN connection is shown schematically in FIG. 1 andindicated generally by the reference number 72.

It will be appreciated that use of the VPN connection 72 in this foodpreparation establishment context provides several advantages. At abasic level, the VPN connection 72 provides a “tunnel” through thefirewall to the portal. The VPN connection 72 provides a reliable,secure tunnel for bi-directional communication between the portal 42 andthe kitchen network 10B. It will be appreciated that kitchen networkcomponents, whether pre-existing or subsequently installed, can beconnected to the portal 42 via the network appliance 50 and VPNconnection 72 without having to separately transit the firewall (e.g.,without having to reconfigure the firewall of the network appliance).Such communication can enable remote access by food establishmentpersonnel to all aspects (e.g., programming, monitoring, etc.) of thecomponents of the kitchen network 10B and access to the suite of “smartkitchen” applications remotely. Moreover, it will be appreciated thatthe VPN tunnel 72 provides a reliable pathway for manufacturers toremotely communicate with smart kitchen appliances 32 for firmwareupdates and other purposes.

After establishment of the VPN connection 72, the network appliance 50executes stored software for establishing communication with the POSsystem 10A. Referring again to FIG. 4, the network appliance 50 seeksPOS connectivity, and the POS signals the network appliance whenconnectivity is established. In one embodiment, data communicated fromthe portal to the network appliance 50 during or after establishment ofthe VPN session can be customized settings such as POS networkinformation useful in establishing POS connectivity. For example, suchinformation includes whether to connect with the POS system 10A by“listening” for a signal “pushed” from the POS system or by “requesting”or “pulling” information from the POS system. When phase three has beenvalidated, communication with the POS network 10A has been established.As with establishment of the VPN connection, the network appliance 50and portal 42 can monitor the progress of establishment of the POSconnection and communicate related information to the food preparationestablishment personnel and network appliance manufacturer. The POSconnection is made in a PCI-compliant manner, and enables communicationof POS data to the control apparatus 34 for use in the suite ofapplications outlined above as needed.

Another step in forming the network system 10 is establishingcommunication of the various kitchen network components with the networkappliance 50. It will be understood that an existing commercial kitchenmay include components (control apparatus 34 and preparation apparatus32, etc.) made by various manufacturers. The components may not be madeto communicate with each other by a common protocol or may not otherwisehave compatible communication capabilities. For example, a food productholding unit 38 configured for single-wire or serial protocolcommunication is incapable of directly communicating with an oven 36configured for LAN or Wi-Fi protocol communication. According to thepresent invention, the network appliance 50 enables communication withand between these types of components notwithstanding the difference incommunication protocols.

To enable communication across the variety of communication protocols,the application server 60 stores and executes software that provides amessaging middleware standard (e.g., layer 7 OSI model standard) toprovide application gateways to lower layer protocols in ZigBee,Ethernet, Wi-Fi, RS-485, RS-232, etc. The software may be referred to asprotocol translation and information brokering software. As shown inFIG. 5, the software defines a plurality of virtual smart agents 80associated with respective devices (e.g., food preparation apparatus 32and control apparatus 34) and a virtual data bus 82 connecting the smartagents. In the illustrated embodiment, agents 80 are shown representingvarious food preparation apparatus 32 and control apparatus 34. Theapparatus may be manufactured by different companies (e.g., Company A,Company B, etc.), and therefore configured to communicate according todifferent protocols rather than a common protocol.

In an embodiment, the agents 80 are software modules that function asfinite state machines, each acting as a protocol proxy. The agents 80are configured for translating information from the specific protocolsupported by the represented component to an agnostic protocol, and viceversa. The agnostic protocol is used for communication between theagents 80. The agents 80 can publish and subscribe to information on thedata bus 82 using the agnostic protocol. A virtual broker 84 brokersinformation among the agents 80 according to subscriptions of theagents. Thus, the network appliance 50 facilitates operationalintelligence across a wide variety of equipment, providing a bridge toequipment via hardware and software interconnects.

An example communication between a food processing management system(e.g., the network appliance 50 executing food processing managementsystem software) and food holding unit 38 via the protocol translationand information brokering software is represented in FIG. 5 as a boldedline 86 extending along the data bus 82 between respective agents 80A,80B. An example dialog between the food processing management system 50and the food product holding unit 38 via respective agents 80A, 80B isshown in FIG. 6. In a first communication 90, the product holding unit38 signals the associated agent 80A to bind, and the agent signals anacknowledgement to the product holding unit. In a second communication92, the PHU agent 80A signals the virtual broker to subscribe the agentto commands published to the data bus 82 for the PHU. In a thirdcommunication 94, the agent 80B for the food processing managementsystem 50 signals the virtual broker to subscribe to events relating tothe PHU 38. In a fourth communication 96, the food processing managementsystem 50 signals its agent 80B to send a “start holding well” signal tothe PHU 38. The communication from the food processing management system50 can occur in a particular protocol. In response to the communication,the agent 80B publishes a holding well start signal 98 in the agnosticprotocol to the data bus 82, essentially translating the communication.Pursuant to the subscription of the PHU agent 80A to PHU commandsignals, the broker 84 transmits the holding well start signal 100 tothe PHU agent in the agnostic protocol. In an embodiment, the middlewaresoftware executing on the application server transmits the command froma queue. The PHU agent 80A translates the holding well start signal fromthe agnostic protocol to a protocol used by the PHU 38 and signals 102the PHU in that protocol to start the holding well. The PHU 38communicates to the processing management system 50 that the holdingwell has been started in a manner similar to that described with respectto the holding well start signal, but in the reverse order. The PHUsignals 104 the PHU agent 80A to send a holding well started signal, thePHU agent 80A publishes a signal 106 to the data bus 82 in the agnosticprotocol, the broker 84 transmits a signal 108 to the food processmanagement system agent 80B according to the subscription for PHUevents, and the food process management system agent signals 110 thefood process management system 50. It will be understood thesecommunications are provided by way of example without limitation, andvarious other information or data may be communicated among devices inthe network via the protocol translation and brokering software.

As is now apparent, installation of the network appliance 50 greatlyfacilitates networking of the kitchen components, establishingcommunication with the remote portal 42, and establishing communicationwith the POS network 10A. Also, the network appliance 50 enables theoperation of the suite of “smart kitchen” applications outlined above.Moreover, it will be appreciated, the network appliance 50 provides theadditional advantage of permitting reliable, secure bi-directionalcommunication over the VPN tunnel 72 for various purposes, such as toupdate firmware of food preparation apparatus of the kitchen network.The host of the remote portal 42 can provide access to the kitchennetwork 10B and/or specific food preparation apparatus 32 or computers40 of the kitchen network to third parties, such as the manufacturers ofthe respective components, via the VPN tunnel 72 for various purposes.

Referring now to FIG. 7, a second embodiment of a network systemembodying aspects of the present invention is designated generally bythe reference number 210. The network system of this embodiment issimilar to the network system 10 described above with respect to FIGS.1-6, and like parts are designated with like reference numbers, plus200. For example, in this embodiment, the system 210 includes a POSnetwork 210A with a plurality of POS terminals 220, a POS switch 222,and a POS server 224. The system 210 also includes a kitchen network210B including food preparation apparatus 232 (e.g., food cookingdevices 236 and food holding apparatus 238) and control apparatus 234(e.g., local computers 240A-240C and remote computers 242).

The network appliance 250 has a simpler construction relative to thenetwork appliance 50 described above. Referring to FIG. 8, the networkappliance 250 includes a single chip computer 260 (broadly “applicationserver”). In one embodiment, the single chip computer has an ARM basedCPU 260A (broadly “network appliance processor”) running at speeds of 1GHz and 512 MB of RAM 260B (broadly “non-transitory computer-readablestorage medium”) and is supplied with 5 volts power. The networkappliance 250 also includes first and second network ports 262A, 262C(e.g., RJ45 ports) for connection to the POS system 210A and Internet(e.g., via ISP gateway, modem, or switch designated for the networkappliance), respectively. Desirably, the network appliance 250 alsoincludes a power indicator 274, and a status indicator 276. In oneexample, the network appliance 250 includes a relatively simple housingor case (e.g., shown schematically in FIG. 8) supporting and enclosingthe single chip computer and supporting the ports and indicators.

Referring again to FIG. 7, it will be appreciated the network appliancemakes use of the restaurant firewall 226, instead of having its ownfirewall as in the first embodiment. Moreover, the network appliancemakes use of a separate switch 264, instead of a switch (e.g., switch64) onboard the network appliance. Accordingly, in this embodiment, thenetwork appliance 250 makes use of existing or separately suppliednetwork infrastructure (e.g., switch 264, firewall 226, communicationgateways, etc.) in the food preparation establishment instead ofproviding it onboard the network appliance.

The network appliance 250 of this embodiment provides several of thesame advantages as the network appliance 50 described above. Forexample, the network appliance 250 executes instructions stored in thememory 264 for establishing a VPN connection 272 over the Internet(e.g., via an ISP gateway 256) with a portal hosted by an offsitecomputer 242. After physical connection of the network appliance 250 tothe Internet and to the POS network 210A via the network ports 262A and262C, the process for establishment of the VPN tunnel would proceedexactly as described above with respect to FIG. 4. Moreover, the networkappliance 250 executes stored instructions for establishingcommunication with the POS network, as described above with respect toFIG. 4. Additionally, the network appliance 250 executes storedinstructions to establish a virtual data bus and facilitatecommunication among various networked components, as described abovewith respect to FIGS. 5 and 6.

The indicators 274, 276 of the network appliance 250 are useful inindicating to the user at the food preparation establishment status ofthe network appliance. For example, the power indicator 274 is in anactive state (e.g., illuminated) whenever power is supplied to thenetwork appliance 250. The status indicator 276 indicates status of thevarious connections made by the network appliance and the indicatorchanges to different indicator states to indicate different states ofconnection. For example, in one embodiment, the status indicator 276 isin an inactive state when the network appliance 250 has power but hasnot yet started establishing connections. When the network appliance 250is working to establish the outbound connectivity with the remote portal242, the status indicator blinks or flashes relatively slowly. Afteroutbound connectivity with the remote portal 242 is established, andwhile the network appliance 250 is working to establish inboundconnectivity with the remote portal, the status indicator 276 blinks orflashes at a relatively intermediate speed. After the VPN session 272 isestablished, and while the network appliance is working to establishcommunication with the POS system 210A, the status indicator blinks orflashes at a relatively fast speed. Finally, after communications withthe remote portal 242 and the POS system 210A have been established, thestatus indicator 276 maintains a steady active state (e.g., constantillumination). It will be appreciated that the indicators 274, 276 canbe provided and used in a similar fashion in the previous embodiment.

Accordingly, the network appliance 250 enables network connectivity andcommunication for the suite of “smart kitchen” applications outlinedabove, which may be executed by one or more of the control apparatus234. Moreover, it will be appreciated, the network appliance 250provides the additional advantage of permitting reliable, securebi-directional communication over the VPN tunnel 272 for variouspurposes, such as to update firmware of food preparation apparatus ofthe kitchen network. As with the previous embodiment, the host of theremote portal 242 can provide access to the kitchen network 210B and/orspecific food preparation apparatus 232 or computers 240 of the kitchennetwork to third parties, such as the manufacturers of the respectivecomponents, via the VPN tunnel 272 for various purposes. Like thenetwork appliance 50, this network appliance 250 can be installed inconjunction with the local computers 240A, 240B, 240C to providereliable network connectivity and communication across variouscommunication protocols with kitchen network components and fullyenabling the suite of smart kitchen applications.

Referring now to FIG. 9, a third embodiment of a network applianceembodying aspects of the present invention is designated generally bythe reference number 350. The network appliance of this embodiment issimilar to the network appliance 50 described above with respect toFIGS. 1-6, and like parts are designated with like reference numbers,plus 300. For example, the network appliance 350 includes an applicationserver 360 and a router 362. The application server 360 can have thesame construction and perform the same functions explained above withrespect to the application server 60. The network appliance 50 alsoincludes a network interface gateway 366E (broadly, a “communicationprotocol gateway”). It will be understood that the network appliance 350can be used in place of the network appliance 50 in the network system10 shown in FIG. 1, to perform the same functions of the networkappliance 50 explained above.

Like the network router 62, the network router 362 provides a high levelof network integration. The network router 362 brings its own network,and provides high security for bridging to networks, such as the POSnetwork 10A, that contain sensitive PCI (Payment Card Industry)compliant data. For example, the router 362 can be a network switch(e.g., a layer 3 network switch) that has routing capability and may bereferred to herein as a router and/or a switch. The far side of thenetwork integration, often times found lacking from a securitystandpoint, is segmented properly using the network appliance's advancedrouting technology and physical port configurations. Having sufficientflexibility of physical network interfaces is a challenge of the lowcost network routing space. The router 362 includes a plurality of portsfor making network connections. For example, router 362 has a WANinterface port 362A (e.g., for connecting to the Internet), an AccessPoint Power over Ethernet port 362B (e.g., for connecting to the Wi-Figateway 66C), and a PCI port 362C (e.g., for connecting to the POSnetwork 10A). The router 362 in the illustrated embodiment also includesa LAN Power over Ethernet port 362D and a LAN port 370, both of whichcould be used for connecting to various food preparation apparatus 32.Additional ports and/or other ports can be provided without departingfrom the scope of the present invention. For example, an expansionswitch 371 having LAN ports 373 can be used for connecting to additionalfood preparation apparatus 32 or other devices. The router 362 has theability to physically segment a non-PCI compliant network (e.g., perhapsthe POS network 10A) from a PCI compliant network (e.g., the kitchennetwork 10B). The router 362 provides the ability to provide a physicalLAN segment between the POS network 10A and the kitchen network 10B. Therouter 362 provides the ability to be a VPN client to a master VPNserver cluster, as explained above, for enabling secure reverse VPNconnection.

The network interface gateway 366E (broadly “communication protocolgateway”) allows the network appliance 350 to bridge the past to thefuture. For example, older food preparation apparatus 32 and controlapparatus 34 can be bridged for communication with new food preparationapparatus and control apparatus having newer communication protocols andother technology. Legacy control networks such as used on older foodproduct preparation apparatus and control apparatus use various networkarchitectures and standards (e.g., single-wire protocol). The networkappliance 350 bridges older devices to newer devices through thehardware interconnects and the software systems. In this embodiment, thenetwork interface gateway 366E comprises a single board computerincluding RS-232 wireline protocol ports 367 configured for connectingto legacy RS-232 devices. For example, one or more of the ports 367 canbe used for connecting to a legacy food holding unit 38, and/or one ormore of the connectors can be used for connecting to a legacy localcomputer 40 operating a food management software.

Broadly speaking, the ports 367 of the gateway 366E and all of the portsof the router 362 may be considered network connections of the networkappliance 350.

The network appliance 350 can take various physical forms. For example,the network appliance 350 may include a housing (e.g., shownschematically in FIG. 9) for housing the various components, and networkconnectors or ports may be mounted on the housing to be accessible fromthe exterior for making connections with the various components.

In an aspect of the present invention, components of the network systems10, 210 can be used to implement a food preparation establishmentvirtual software application store. As explained above, the networkappliance 50, 250, 350 can store and/or execute software applications.Such software applications can be accessible for free or purchaseddownload by users at the food preparation establishment via the virtualstore. In one embodiment, the remote computers or offsite portal 42, 242can host a virtual store that is accessible via the cloud from the foodpreparation establishment, e.g., via one or more of the local computers40, 240. Desired software applications can be downloaded from thevirtual store and saved to, e.g., the network appliance 50, 250, 350 (oranother component of the network system 10, 210). Accordingly, theapplication server 60, 260, 360 can be updated to include and executevarious software applications selected by a user at the food preparationestablishment. It will be appreciated that the connectivity the networkappliance 50, 250, 350 facilitates in the network system 10, 210 enablesimplementation of a variety of different software applications. Thesoftware applications can take advantage of the networking of thevarious components in the food preparation establishment facilitated bythe network appliance 50, 250, 350 and the VPN connection. The host ofthe remote portal 42, 242 can accept third party software applicationsubmissions and provide them for download via the virtual store. Forexample, the software applications can be directed to food inventory andprocessing management, labor scheduling management, asset tracking,smart appliance communication, sensor network integration, globalinventory control, etc. The software applications can be directed foruse with a particular component or a variety of components of thenetwork system 10, 210. In one example, a manufacturer of a foodpreparation apparatus 32 sold to the food preparation establishment maydesire to make a software application available in the virtual storethat is usable in conjunction with the particular food preparationapparatus (and perhaps in conjunction with the local computers 40, 240).In another example, a sensor network provider may desire to offer asoftware application available in the virtual store such that thenetwork appliance 50, 250, 350 facilitates connectivity of the sensorswith each other in the food preparation establishment, with othercomponents of the network system 10, 210, and/or with components remotefrom the store (e.g., via the VPN connection).

Although the network appliances 50, 250, 350 are described herein asbeing used in conjunction with local computers and for enabling the“smart kitchen” applications, it will be appreciated that variousfeatures of the network appliances are useful apart from such use. Forexample, the network appliances 50, 250, 350 can be used in a scenariowithout a “food processing management system” such as without localcomputers 40A, 40B, 40C or 240A, 240B, 240C for the purpose offacilitating communication between food preparation apparatus 32 or 232using different native communication protocols, and for facilitatingcommunication between offsite computers 42 or 242 with the networkedkitchen components, such as for providing reliable, secure VPNconnection 72 or 272 to food preparation apparatus for remotely updatingfirmware, etc. As explained above, the VPN connection 272 through thenetwork appliance 250 facilitates remote Internet connection to laterinstalled appliances because it can be done relatively easily throughthe existing VPN connection, desirably without having to reconfigure therestaurant firewall 226. In an embodiment, where a management system(e.g., local computers 40A, 40B, 40C or 240A, 240B, 240C) is not used,or the food preparation establishment is not interested in thecapabilities such as food preparation forecasting, etc. requiring a POSdata feed, the network appliance 50, 250, 350 does not need to beconnected to the POS network 10A, 210A.

It will be appreciated that any of the network appliances 50, 250, 350can be integrated in and thus be a part of any of the food preparationapparatus 32, 232 (e.g., food cooking devices 36, 236 and food holdingapparatus 38, 238). A food preparation apparatus 32, 232 having thenetwork appliance 50, 250, 350 onboard the apparatus could have thefeatures and functionality described above with respect to the networkappliances and could be referred to as a food preparation apparatus or anetwork appliance.

Embodiments of the present invention may comprise a special purposecomputer including a variety of computer hardware, as described ingreater detail below.

Embodiments within the scope of the present invention also includecomputer-readable media for carrying or having computer-executableinstructions or data structures stored thereon. Such computer-readablemedia can be any available media that can be accessed by a specialpurpose computer. By way of example, and not limitation, suchcomputer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or otheroptical disk storage, magnetic disk storage, or other magnetic storagedevices, or any other medium that can be used to carry or store desiredprogram code means in the form of computer-executable instructions ordata structures and that can be accessed by a general purpose or specialpurpose computer. When information is transferred or provided over anetwork or another communications connection (either hardwired,wireless, or a combination of hardwired or wireless) to a computer, thecomputer properly views the connection as a computer-readable medium.Thus, any such a connection is properly termed a computer-readablemedium. Combinations of the above should also be included within thescope of computer-readable media. Computer-executable instructionscomprise, for example, instructions and data which cause a generalpurpose computer, special purpose computer, or special purposeprocessing device to perform a certain function or group of functions.

The following discussion is intended to provide a brief, generaldescription of a suitable computing environment in which aspects of theinvention may be implemented. Although not required, aspects of theinvention will be described in the general context ofcomputer-executable instructions, such as program modules, beingexecuted by computers in network environments. Generally, programmodules include routines, programs, objects, components, datastructures, etc. that perform particular tasks or implement particularabstract data types. Computer-executable instructions, associated datastructures, and program modules represent examples of the program codemeans for executing steps of the methods disclosed herein. Theparticular sequence of such executable instructions or associated datastructures represent examples of corresponding acts for implementing thefunctions described in such steps.

Those skilled in the art will appreciate that aspects of the inventionmay be practiced in network computing environments with many types ofcomputer system configurations, including personal computers, hand-helddevices, multi-processor systems, microprocessor-based or programmableconsumer electronics, network PCs, minicomputers, mainframe computers,and the like. Aspects of the invention may also be practiced indistributed computing environments where tasks are performed by localand remote processing devices that are linked (either by hardwiredlinks, wireless links, or by a combination of hardwired or wirelesslinks) through a communications network. In a distributed computingenvironment, program modules may be located in both local and remotememory storage devices.

An exemplary system for implementing aspects of the invention includes ageneral purpose computing device in the form of a conventional computer,including a processing unit, a system memory, and a system bus thatcouples various system components including the system memory to theprocessing unit. The system bus may be any of several types of busstructures including a memory bus or memory controller, a peripheralbus, and a local bus using any of a variety of bus architectures. Thesystem memory includes read only memory (ROM) and random access memory(RAM). A basic input/output system (BIOS), containing the basic routinesthat help transfer information between elements within the computer,such as during start-up, may be stored in ROM. Further, the computer mayinclude any device (e.g., computer, laptop, tablet, PDA, cell phone,mobile phone, a smart television, and the like) that is capable ofreceiving or transmitting an IP address wirelessly to or from theinternet.

The computer may also include a magnetic hard disk drive for readingfrom and writing to a magnetic hard disk, a magnetic disk drive forreading from or writing to a removable magnetic disk, and an opticaldisk drive for reading from or writing to removable optical disk such asa CD-ROM or other optical media. The magnetic hard disk drive, magneticdisk drive, and optical disk drive are connected to the system bus by ahard disk drive interface, a magnetic disk drive-interface, and anoptical drive interface, respectively. The drives and their associatedcomputer-readable media provide nonvolatile storage ofcomputer-executable instructions, data structures, program modules, andother data for the computer. Although the exemplary environmentdescribed herein employs a magnetic hard disk, a removable magneticdisk, and a removable optical disk, other types of computer readablemedia for storing data can be used, including magnetic cassettes, flashmemory cards, digital video disks, Bernoulli cartridges, RAMs, ROMs,solid state drives (SSDs), and the like.

The computer typically includes a variety of computer readable media.Computer readable media can be any available media that can be accessedby the computer and includes both volatile and nonvolatile media,removable and non-removable media. By way of example, and notlimitation, computer readable media may comprise computer storage mediaand communication media. Computer storage media include both volatileand nonvolatile, removable and non-removable media implemented in anymethod or technology for storage of information such as computerreadable instructions, data structures, program modules or other data.Computer storage media are non-transitory and include, but are notlimited to, RAM, ROM, EEPROM, flash memory or other memory technology,CD-ROM, digital versatile disks (DVD) or other optical disk storage,SSDs, magnetic cassettes, magnetic tape, magnetic disk storage or othermagnetic storage devices, or any other medium which can be used to storethe desired non-transitory information, which can accessed by thecomputer. Alternatively, communication media typically embody computerreadable instructions, data structures, program modules or other data ina modulated data signal such as a carrier wave or other transportmechanism and includes any information delivery media.

Program code means comprising one or more program modules may be storedon the hard disk, magnetic disk, optical disk, ROM, and/or RAM,including an operating system, one or more application programs, otherprogram modules, and program data. A user may enter commands andinformation into the computer through a keyboard, pointing device, orother input device, such as a microphone, joy stick, game pad, satellitedish, scanner, or the like. These and other input devices are oftenconnected to the processing unit through a serial port interface coupledto the system bus. Alternatively, the input devices may be connected byother interfaces, such as a parallel port, a game port, or a universalserial bus (USB). A monitor or another display device is also connectedto the system bus via an interface, such as video adapter 48. Inaddition to the monitor, personal computers typically include otherperipheral output devices (not shown), such as speakers and printers.

One or more aspects of the invention may be embodied incomputer-executable instructions (i.e., software), routines, orfunctions stored in system memory or non-volatile memory as applicationprograms, program modules, and/or program data. The software mayalternatively be stored remotely, such as on a remote computer withremote application programs. Generally, program modules includeroutines, programs, objects, components, data structures, etc. thatperform particular tasks or implement particular abstract data typeswhen executed by a processor in a computer or other device. The computerexecutable instructions may be stored on one or more tangible,non-transitory computer readable media (e.g., hard disk, optical disk,removable storage media, solid state memory, RAM, etc.) and executed byone or more processors or other devices. As will be appreciated by oneof skill in the art, the functionality of the program modules may becombined or distributed as desired in various embodiments. In addition,the functionality may be embodied in whole or in part in firmware orhardware equivalents such as integrated circuits, application specificintegrated circuits, field programmable gate arrays (FPGA), and thelike.

The computer may operate in a networked environment using logicalconnections to one or more remote computers. The remote computers mayeach be another personal computer, a tablet, a PDA, a server, a router,a network PC, a peer device, or other common network node, and typicallyinclude many or all of the elements described above relative to thecomputer. The logical connections include a local area network (LAN) anda wide area network (WAN) that are presented here by way of example andnot limitation. Such networking environments are commonplace inoffice-wide or enterprise-wide computer networks, intranets and theInternet.

When used in a LAN networking environment, the computer is connected tothe local network through a network interface or adapter. When used in aWAN networking environment, the computer may include a modem, a wirelesslink, or other means for establishing communications over the wide areanetwork, such as the Internet. The modem, which may be internal orexternal, is connected to the system bus via the serial port interface.In a networked environment, program modules depicted relative to thecomputer, or portions thereof, may be stored in the remote memorystorage device. It will be appreciated that the network connectionsshown are exemplary and other means of establishing communications overwide area network may be used.

Preferably, computer-executable instructions are stored in a memory,such as the hard disk drive, and executed by the computer.Advantageously, the computer processor has the capability to perform alloperations (e.g., execute computer-executable instructions) inreal-time.

The order of execution or performance of the operations in embodimentsof the invention illustrated and described herein is not essential,unless otherwise specified. That is, the operations may be performed inany order, unless otherwise specified, and embodiments of the inventionmay include additional or fewer operations than those disclosed herein.For example, it is contemplated that executing or performing aparticular operation before, contemporaneously with, or after anotheroperation is within the scope of aspects of the invention.

Embodiments of the invention may be implemented with computer-executableinstructions. The computer-executable instructions may be organized intoone or more computer-executable components or modules. Aspects of theinvention may be implemented with any number and organization of suchcomponents or modules. For example, aspects of the invention are notlimited to the specific computer-executable instructions or the specificcomponents or modules illustrated in the figures and described herein.Other embodiments of the invention may include differentcomputer-executable instructions or components having more or lessfunctionality than illustrated and described herein.

When introducing elements of aspects of the invention or the embodimentsthereof, the articles “a,” “an,” “the,” and “said” are intended to meanthat there are one or more of the elements. The terms “comprising,”“including,” and “having” are intended to be inclusive and mean thatthere may be additional elements other than the listed elements.

Having described aspects of the invention in detail, it will be apparentthat modifications and variations are possible without departing fromthe scope of aspects of the invention as defined in the appended claims.As various changes could be made in the above constructions, products,and methods without departing from the scope of aspects of theinvention, it is intended that all matter contained in the abovedescription and shown in the accompanying drawings shall be interpretedas illustrative and not in a limiting sense.

What is claimed is:
 1. A commercial kitchen intelligence system for usewith a remote portal, the system comprising: a first commercial kitchenfood preparation apparatus comprising a network appliance onboard thefirst commercial kitchen food preparation apparatus, the networkappliance configured to communicate with the remote portal for the firstcommercial kitchen food preparation apparatus, said network appliancecomprising a network appliance processor executing instructions forestablishing a virtual private network connection with the remote portalover the Internet for permitting bi-directional communication betweenthe network appliance and the remote portal; and a second commercialkitchen food preparation apparatus in communication with the networkappliance onboard the first commercial kitchen food preparationapparatus and with the remote portal by way of the network applianceonboard the first commercial kitchen food preparation apparatus via thevirtual private network connection established by the network appliance.2. The system of claim 1, wherein the first and second commercialkitchen food preparation apparatuses are configured to communicateaccording to different protocols; and wherein the network applianceprocessor executes processor-executable instructions for brokeringcommunications among the first and second commercial kitchen foodpreparation apparatuses, said instructions, when executed by the networkappliance processor, establishing a virtual messaging bus to which thefirst and second commercial kitchen food preparation apparatuses areconnected to broker the communications among the first and secondcommercial kitchen food preparation apparatuses.
 3. The system of claim2, wherein the network appliance comprises an application server havingthe first and second commercial kitchen food preparation apparatusescoupled thereto for communicating with the first and second commercialkitchen food preparation apparatuses, the application server includingthe network appliance processor for executing the processor-executableinstructions for brokering communications among the first and secondcommercial kitchen food preparation apparatuses via the virtualmessaging bus.
 4. The system of claim 2, wherein theprocessor-executable instructions for brokering communications among thefirst and second commercial kitchen food preparation apparatusescomprise instructions for: executing a first virtual agent to provide aninterface between the first commercial kitchen food preparationapparatus communicating according to a first protocol and the virtualmessaging bus; and executing a second virtual agent to provide aninterface between the second commercial kitchen food preparationapparatus communicating according to a second protocol different thanthe first protocol and the virtual messaging bus.
 5. The system of claim4, wherein the first and second virtual agents establish apublish/subscribe messaging pattern therebetween on the virtualmessaging bus.
 6. The system of claim 4, wherein the first and secondvirtual agents establish a message queue paradigm therebetween on thevirtual messaging bus.
 7. The system of claim 4, wherein theprocessor-executable instructions for brokering communications among thefirst and second commercial kitchen food preparation apparatusescomprise instructions for the first and second virtual agents tocommunicate via the virtual messaging bus according to an agnosticprotocol.
 8. The system of claim 2, further comprising a non-transitorycomputer-readable medium having the processor-executable instructionsfor brokering communications among the first and second commercialkitchen food preparation apparatuses stored thereon.
 9. The system ofclaim 2, further comprising one or more point-of-sale terminals incommunication with the first and second commercial kitchen foodpreparation apparatuses via the network appliance.
 10. The system ofclaim 2, wherein the first and second commercial kitchen foodpreparation apparatuses comprise one or more of the following: a productholding unit, a fryer, a microwave, a grill, a dough conditioningcabinet, or an oven.
 11. The system of claim 2, wherein the networkappliance comprises a network switch having a plurality of ports, atleast two of the ports having the first and second commercial kitchenfood preparation apparatuses connected thereto.
 12. The system of claim2, wherein the of first and second commercial kitchen food preparationapparatuses and the network appliance are located at a commercial foodpreparation establishment, the plurality of first and second commericlakitchen food preparation apparatuses and the network appliance beinglocally connected at the commercial food preparation establishment. 13.The system of claim 1, wherein the network appliance includes: a networkswitch having a plurality of ports, at least two of the ports having thefirst and second commercial kitchen food preparation apparatusesconnected thereto, the first and second commercial kitchen foodpreparation apparatuses being configured to communicate according todifferent protocols; and an application server coupled to the switch forcommunicating with the first and second commercial kitchen foodpreparation apparatuses, the application server executingprocessor-executable instructions for brokering communications among thefirst and second commercial kitchen food preparation apparatuses, saidinstructions, when executed by the application server, establishing avirtual messaging bus to which the first and second commercial kitchenfood preparation apparatuses are connected to broker the communicationsamong the first and second commercial kitchen food preparationapparatuses.
 14. The appliance system of claim 13, wherein theprocessor-executable instructions for brokering communications among thefirst and second commercial kitchen food preparation apparatusescomprise instructions for: executing a first virtual agent to provide aninterface between the first commercial kitchen food preparationapparatus communicating according to a first protocol and the virtualmessaging bus; and executing a second virtual agent to provide aninterface between the second commercial kitchen food preparationapparatus communicating according to a second protocol different thanthe first protocol and the virtual messaging bus.
 15. The system ofclaim 14, wherein the first and second virtual agents establish one ormore of the following: a publish/subscribe messaging pattern on thevirtual messaging bus between the first and second virtual agents, or amessage queue paradigm on the virtual messaging bus between the firstand second virtual agents.
 16. The system of claim 13, furthercomprising one or more network connections coupled to the network switchfor connecting the first and second commercial kitchen food preparationapparatuses to the virtual messaging bus established by the applicationserver.
 17. The system of claim 16, wherein the network connections areconfigured to physically connect the first and second commercial kitchenfood preparation apparatuses to the network switch.
 18. The system ofclaim 13, further comprising a network layer router configured forproviding Payment Card Industry (PCI) compliant secure communicationsbetween one or more point-of-sale terminals and the application server.19. The system of claim 1, wherein the network appliance comprises anon-transitory computer-readable medium having the processor-executableinstructions for establishing the VPN connection stored thereon.
 20. Thesystem of claim 1, further comprising at least one commercial kitchencomponent, and wherein the system further comprises a network switchhaving at least one port, the at least one port having the at least onecommercial kitchen component connected thereto via a data communicationnetwork for selectively permitting communication between the remoteportal and the at least one commercial kitchen component via the VPNconnection.
 21. The system of claim 20, wherein the first commercialkitchen food preparation apparatus includes the network switch.
 22. Thesystem of claim 20, wherein the first commercial kitchen foodpreparation apparatus comprises a non-transitory computer-readablemedium storing processor-executable instructions for, when executed bythe network appliance processor, brokering communications amongcommercial kitchen components in communication with the networkappliance processor via the data communication network.
 23. The systemof claim 1, wherein the instructions for establishing a virtual privatenetwork connection include instructions for sending an initial signalfrom the network appliance to the remote portal in order to initiate theestablishment of the virtual private network connection between thenetwork appliance and the remote portal.
 24. The system of claim 23,wherein the instructions for sending the initial signal from the networkappliance to the remote portal include instructions for automaticallysending the initial signal from the network appliance to the remoteportal when the network appliance is connected to the Internet.